On 2012-02-28, Camiel Dobbelaar <c...@sentia.nl> wrote:
> On 27-2-2012 22:22, Hrvoje Popovski wrote:
>> i'm having problem with ftp communication. when ftp client behind
>> openbsd 5.0 firewall connects to ftp server or servers
>> they see 425: Security: Bad IP connecting.
>>
>> openbsd has random nat with pool of /27 public addresses and inside
>> hosts connect through that pool.
>> when ftp-proxy is enabled or nat is configured without random nat
>> option, everything is working like charm. problem is that i need that
>> crazy random stuff :)
>> is there any option to rotate ip addresses per ftp session?
>
> There is no such option in ftp-proxy.
>
> What _might_ work is to run one ftp-proxy per IP (30 in your case) and
> use "random" on the divert-to.
>
> <5 minutes later>
>
> I just tried it, and it does not work... divert-to does not support
> random like rdr-to does.
>
> --
> Cam

*not* tested but you could probably run a couple of ftp-proxy instances
on different ports and use 'probability' rules to hit the right one.

btw: that random stuff, at least without source-tracking, is likely to
break bank websites etc.
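
A sketch of the 'probability' idea above, added here as an example and not taken from the thread; like the suggestion itself, the emitted rules are untested against pf. Because pf evaluates `quick` rules in order, rule i of n needs probability 1/(n-i) for an even spread. Assumptions: an `$int_if` macro, listener ports from 8021 upward, a constructed 192.0.2.0/27 pool, and ftp-proxy's `-a` (source address) and `-p` (listen port) options.

```python
from fractions import Fraction

def conditional_probabilities(n):
    """Probability for each of n sequential 'quick' rules so that every
    rule ends up handling 1/n of the connections. Rule i is only reached
    when rules 0..i-1 did not match, so it needs 1/(n - i)."""
    return [Fraction(1, n - i) for i in range(n)]

def effective_shares(probs):
    """Share of all connections each rule actually receives."""
    remaining = Fraction(1)
    shares = []
    for p in probs:
        shares.append(remaining * p)
        remaining *= 1 - p
    return shares

def pf_rules(n, base_port=8021, iface="$int_if"):
    """pf.conf lines, one divert-to per ftp-proxy instance. The last rule
    carries no probability so it catches everything that is left.
    Percentages are rounded to 4 decimals, so the spread is near-uniform."""
    rules = []
    for i, p in enumerate(conditional_probabilities(n)):
        prob = "" if p == 1 else f" probability {float(p * 100):.4f}%"
        rules.append(
            f"pass in quick on {iface} inet proto tcp to port ftp"
            f"{prob} divert-to 127.0.0.1 port {base_port + i}"
        )
    return rules

def proxy_commands(addresses, base_port=8021):
    """One ftp-proxy per public address: -a pins the source address used
    towards the server, -p sets the local port the rule diverts to."""
    return [f"ftp-proxy -a {a} -p {base_port + i}"
            for i, a in enumerate(addresses)]

if __name__ == "__main__":
    # Constructed pool: the 30 usable hosts of 192.0.2.0/27 (documentation range).
    pool = [f"192.0.2.{h}" for h in range(1, 31)]
    print("\n".join(proxy_commands(pool)))
    print("\n".join(pf_rules(len(pool))))
```

Giving every rule a flat 1/n instead would skew traffic towards the first instances and leave some connections matching no divert rule at all.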